CWE-1257 – Improper Access Control Applied to Mirrored or Aliased Memory Regions
Description Aliased or mirrored memory regions in hardware designs may have inconsistent read/write permissions enforced by the hardware. A possible result is that an untrusted...
CWE-1256 – Improper Restriction of Software Interfaces to Hardware Features
Description The product provides software-controllable device functionality for capabilities such as power and clock management, but it does not properly limit functionality that can lead...
CWE-1255 – Comparison Logic is Vulnerable to Power Side-Channel Attacks
Description A device's real time power consumption may be monitored during security token evaluation and the information gleaned may be used to determine the value...
CWE-1254 – Incorrect Comparison Logic Granularity
Description The product's comparison logic is performed over a series of steps rather than across the entire string in one operation. If there is a...
CWE-1253 – Incorrect Selection of Fuse Values
Description The logic level used to set a system to a secure state relies on a fuse being unblown. An attacker can set the system...
CWE-1252 – CPU Hardware Not Configured to Support Exclusivity of Write and Execute Operations
Description The CPU is not configured to provide hardware support for exclusivity of write and execute operations on memory. This allows an attacker to execute...
CWE-1251 – Mirrored Regions with Different Values
Description The product's architecture mirrors regions without ensuring that their contents always stay in sync. Modes of Introduction: Related Weaknesses CWE-1250 Consequences...
CWE-1250 – Improper Preservation of Consistency Between Independent Representations of Shared State
Description The product has or supports multiple distributed components or sub-systems that are each required to keep their own local copy of shared data -...
CWE-125 – Out-of-bounds Read
Description The software reads data past the end, or before the beginning, of the intended buffer. Typically, this can allow attackers to read sensitive information...
CWE-1249 – Application-Level Admin Tool with Inconsistent View of Underlying Operating System
Description The product provides an application for administrators to manage parts of the underlying operating system, but the application does not accurately identify all of...